Snort mailing list archives

Previous By Date Next
Previous By Thread Next

rules update script and consistency

From: <adulau-snort () colorado g-inter net>
Date: Tue, 2 Oct 2001 08:21:28 +0200 (CEST)
Hello All,

Here it is my trouble, I want to update automatically my rules set without
having to change back my false-positive removed rules. 
I have seen this scripts, snort-update. Snort-update is doing only a diff
of the existing rules and send a mail for doing manually the mv. 

I plan to do a script like that : 

-> Concentrate all the rules, in one files. 
-> Make modification with using this script (or the script via Webmin).

        The script keep two files : one activated rule list and one
                                    desactivated rule list.
-> When i get snort rule from snort.org or from whitewhats, it's generate
a new activated rule list and remove the entry available in desactivated
rule list. 
-> So we have new rules but the already desactivated rules...

Is there any script like that for the moment, or i need to do it ? 
(To not do the work 2 times 8-))

Thanks a lot

Alexandre Dulaunoy
--
http://www.foo.be/




_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: